[postban.sh] new release

Questions and answers about how to do stuff
Post Reply
nicola.piazzi
Posts: 283
Joined: 23 Apr 2015 09:45

[postban.sh] new release

Post by nicola.piazzi » 08 Nov 2016 08:54

This simple script scan incoming messages each minute,
Only if it found some spam in the last minute it rebuild the ip ban table and pass it to postfix.
this table tell to postfix to reject messages from spam ip, they are ip that recently sent spam without sending some ham

Put attached file postban.sh in a dir (example /batch/postban.sh)
chmod 777 /batch/postban.sh
Put in root cron a line that execute this script every minute :
* * * * * /batch/postban.sh > /dev/null
Modify your main.cf in postfix at this line like here and then postfix reload :
smtpd_client_restrictions = (OTHER YOUR PARAMETERS) check_client_access hash:/etc/postfix/postban_access
Set your ROOTPWD of your mysql server in postban.sh Parameters section
Set your RJMESSAGE in postban.sh Parameters section
Optionally set other parameters in postban.sh Parameters section
You can see working in /batch/postban.log
Attachments
postban.zip
(1.57 KiB) Downloaded 109 times

ovizii
Posts: 459
Joined: 11 May 2016 08:08

Re: [postban.sh] new release

Post by ovizii » 08 Nov 2016 18:53

after double checking seems only this part is new from the last version: S0 - right?

Also, how do I edit this:

Code: Select all

"SELECT count(clientip) \                                                               FROM mailscanner.maillog \                                                                WHERE timestamp > DATE_SUB(now(), INTERVAL 1 MINUTE) \
if I only run my cron job say every 5 minutes as opposed to your setting of every minute?

nicola.piazzi
Posts: 283
Joined: 23 Apr 2015 09:45

Re: [postban.sh] new release

Post by nicola.piazzi » 09 Nov 2016 07:53

The script run every 1 minute to catch immediately new spam attack
note that every minute it check for spam in the last minute, if no spam found it doesnt rebuild the table

ovizii
Posts: 459
Joined: 11 May 2016 08:08

Re: [postban.sh] new release

Post by ovizii » 09 Nov 2016 09:40

as I said, my cron job runs every 5 minutes. But I have now changed it to every minute as you recommended.

wilbourne
Posts: 52
Joined: 22 Sep 2016 09:04

Re: [postban.sh] new release

Post by wilbourne » 09 Nov 2016 09:54

in case in mailscanner indicates several IP address how does the script? is it blocks all the IP addresses? or only one?

ovizii
Posts: 459
Joined: 11 May 2016 08:08

Re: [postban.sh] new release

Post by ovizii » 09 Nov 2016 10:23

wilbourne wrote:in case in mailscanner indicates several IP address how does the script? is it blocks all the IP addresses? or only one?
The script is self explaining, it extracts all IPs which correspond to the values you gave it then blocks all those IPs on MTA level.

wilbourne
Posts: 52
Joined: 22 Sep 2016 09:04

Re: [postban.sh] new release

Post by wilbourne » 09 Nov 2016 10:25

thank's :lol:

Post Reply